Hi HW thank you very much, that helps. I was before on a page describing this advanced routing, however, the main title there was "Load Sharing and Performance increase", which is not, what I sought. So I let it off. suomi > On Sun, Jan 31, 2010 at 12:05 PM, <fedora@xxxxxxxx> wrote: >> Hi every >> >> I am changing the ISP from aaa.bbb.243.160/27 to ccc.ddd.206.128/27. >> In order to provide seamless service to our customers I made the hosts >> concerned multihomed, i.e. I added them a logical interface on the new >> subnet. I did not introduce a additional NIC into the hosts. >> Then, I changed the default route on the hosts to the new network. >> >> e.g in one host concerned you will see >> >> myhost:~ # ifconfig >> eth0 Link encap:Ethernet HWaddr 00:80:AD:B8:39:C3 >> inet addr:ccc.ddd.206.132 Bcast:aaa.bbb.243.191 >> Mask:255.255.255.224 >> inet6 addr: fe80::80:adb8:39c3/10 Scope:Link >> inet6 addr: fe80::280:adff:feb8:39c3/10 Scope:Link >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> RX packets:2733080 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:2494806 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:119322 txqueuelen:100 >> RX bytes:791914000 (755.2 Mb) TX bytes:579375282 (552.5 Mb) >> Interrupt:9 Base address:0xf000 >> >> eth0:1 Link encap:Ethernet HWaddr 00:80:AD:B8:39:C3 >> inet addr:192.168.97.164 Bcast:192.168.97.255 >> Mask:255.255.255.0 >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> Interrupt:9 Base address:0xf000 >> >> eth0:2 Link encap:Ethernet HWaddr 00:80:AD:B8:39:C3 >> inet addr:aaa.bbb.243.164 Bcast:ccc.ddd.206.159 >> Mask:255.255.255.224 >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> Interrupt:9 Base address:0xf000 >> >> lo Link encap:Local Loopback >> inet addr:127.0.0.1 Mask:255.0.0.0 >> inet6 addr: ::1/128 Scope:Host >> UP LOOPBACK RUNNING MTU:16436 Metric:1 >> RX packets:372918 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:372918 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> RX bytes:92340116 (88.0 Mb) TX bytes:92340116 (88.0 Mb) >> >> myhost:~ # >> >> and >> >> myhost:~ # route -n >> Kernel IP routing table >> Destination Gateway Genmask Flags Metric Ref Use >> Iface >> aaa.bbb.243.160 0.0.0.0 255.255.255.224 U 0 0 0 >> eth0 >> ccc.ddd.206.128 0.0.0.0 255.255.255.224 U 0 0 0 >> eth0 >> 192.168.97.0 0.0.0.0 255.255.255.0 U 0 0 0 >> eth0 >> 0.0.0.0 ccc.ddd.206.129 0.0.0.0 UG 0 0 0 >> eth0 >> myhost:~ # >> >> NOTE: this multihoming has nothing to do with additional security or >> performance. >> >> I did not install something with iproute2 or other routing enhancements. >> >> PROBLEM: the multihoming works only partially. >> >> if I invoke e.g. ping on http://iptools.com/ the ping reply does not >> come >> back to its origin. The echo request reaches my server, my server sends >> an >> echo reply, which never reaches the originator. >> >> >> myhost:~ # tcpdump -n ip proto \\icmp >> Kernel filter, protocol ALL, datagram packet socket >> tcpdump: listening on eth0 >> 10:58:35.508765 74.52.9.36 > aaa.bbb.243.164: icmp: echo request (DF) >> 10:58:35.508765 aaa.bbb.243.164 > 74.52.9.36: icmp: echo reply (DF) >> 10:58:36.508765 74.52.9.36 > aaa.bbb.243.164: icmp: echo request (DF) >> 10:58:36.508765 aaa.bbb.243.164 > 74.52.9.36: icmp: echo reply (DF) >> 10:58:37.508765 74.52.9.36 > aaa.bbb.243.164: icmp: echo request (DF) >> 10:58:37.508765 aaa.bbb.243.164 > 74.52.9.36: icmp: echo reply (DF) >> 10:58:38.508765 74.52.9.36 > aaa.bbb.243.164: icmp: echo request (DF) >> 10:58:38.508765 aaa.bbb.243.164 > 74.52.9.36: icmp: echo reply (DF) >> 10:58:39.508765 74.52.9.36 > aaa.bbb.243.164: icmp: echo request (DF) >> 10:58:39.508765 aaa.bbb.243.164 > 74.52.9.36: icmp: echo reply (DF) >> ... >> >> on http://iptools.com/ : >> PING aaa.bbb.243.164 (aaa.bbb.243.164) 56(84) bytes of data. >> >> --- aaa.bbb.243.164 ping statistics --- >> 5 packets transmitted, 0 received, 100% packet loss, time 3999ms >> >> >> >> If, however, I ping the Host on the other (the new) network address from >> http://iptools.com/, the ping gets through: >> >> >> myhost:~ # tcpdump -n ip proto \\icmp >> Kernel filter, protocol ALL, datagram packet socket >> tcpdump: listening on eth0 >> 11:23:04.117248 74.52.9.36 > ccc.ddd.206.132: icmp: echo request (DF) >> 11:23:04.117248 ccc.ddd.206.132 > 74.52.9.36: icmp: echo reply (DF) >> 11:23:05.117248 74.52.9.36 > ccc.ddd.206.132: icmp: echo request (DF) >> 11:23:05.117248 ccc.ddd.206.132 > 74.52.9.36: icmp: echo reply (DF) >> 11:23:06.117248 74.52.9.36 > ccc.ddd.206.132: icmp: echo request (DF) >> 11:23:06.117248 ccc.ddd.206.132 > 74.52.9.36: icmp: echo reply (DF) >> 11:23:07.117248 74.52.9.36 > ccc.ddd.206.132: icmp: echo request (DF) >> 11:23:07.117248 ccc.ddd.206.132 > 74.52.9.36: icmp: echo reply (DF) >> 11:23:08.117248 74.52.9.36 > ccc.ddd.206.132: icmp: echo request (DF) >> 11:23:08.117248 ccc.ddd.206.132 > 74.52.9.36: icmp: echo reply (DF) >> >> on http://iptools.com/ >> >> PING ccc.ddd.206.132 (ccc.ddd.206.132) 56(84) bytes of data. >> 64 bytes from ccc.ddd.206.132: icmp_seq=1 ttl=245 time=132 ms >> 64 bytes from ccc.ddd.206.132: icmp_seq=2 ttl=245 time=132 ms >> 64 bytes from ccc.ddd.206.132: icmp_seq=3 ttl=245 time=133 ms >> 64 bytes from ccc.ddd.206.132: icmp_seq=4 ttl=245 time=132 ms >> 64 bytes from ccc.ddd.206.132: icmp_seq=5 ttl=245 time=132 ms >> >> --- ccc.ddd.206.132 ping statistics --- >> 5 packets transmitted, 5 received, 0% packet loss, time 4000ms >> rtt min/avg/max/mdev = 132.915/132.980/133.114/0.405 m >> >> If I ping the iptools.com host from my host: >> >> myhost:~ # ping 74.52.9.36 >> PING 74.52.9.36 (74.52.9.36): 56 data bytes >> 64 bytes from 74.52.9.36: icmp_seq=0 ttl=54 time=134.925 ms >> 64 bytes from 74.52.9.36: icmp_seq=1 ttl=54 time=133.172 ms >> 64 bytes from 74.52.9.36: icmp_seq=2 ttl=54 time=133.426 ms >> 64 bytes from 74.52.9.36: icmp_seq=3 ttl=54 time=133.735 ms >> 64 bytes from 74.52.9.36: icmp_seq=4 ttl=54 time=133.503 ms >> --- 74.52.9.36 ping statistics --- >> 5 packets transmitted, 5 packets received, 0% packet loss >> round-trip min/avg/max = 133.172/133.752/134.925 ms >> myhost:~ # >> >> Summary: If, on my host, a service is called for on the old >> (aaa.bbb.243.160/27) network, it is not properly answered on the new >> network (ccc.ddd.206.128/27). >> >> I also tried to enable IP forwarding on this host >> >> myhost:~ # !493 >> echo "1" > /proc/sys/net/ipv4/ip_forward >> myhost:~ # cat /proc/sys/net/ipv4/ip_forward >> 1 >> myhost:~ # >> >> but this did not change anything either. >> Furthermore, I was informed on my googling around, that IP forwarding >> must >> not be enabled on a multihomed host. >> >> What did I miss? >> > > You need to correct the routing, see > http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html > > //HW > >> Thanks for any hints. >> >> suomi >> >> >> >> >> -- >> users mailing list >> users@xxxxxxxxxxxxxxxxxxxxxxx >> To unsubscribe or change subscription options: >> https://admin.fedoraproject.org/mailman/listinfo/users >> Guidelines: >> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines >> > -- > users mailing list > users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: > http://fedoraproject.org/wiki/Communicate/MailingListGuidelines > -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
